Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/d81aa2-8a55-40db-96dc-8fbb5128a2c9/1/RW_H_ESDaZiZhgwMqK0qV1tKkxQ.roa
File: RW_H_ESDaZiZhgwMqK0qV1tKkxQ.roa (raw, json)
Hash identifier: 8rlM5Gf4dfcpQSnuob8gpQKJA3IonaJYfplAZEgt4uw=
Subject key identifier: 45:6F:C7:FC:44:83:69:98:99:86:0C:0C:A8:AD:2A:57:5B:4A:93:14
Certificate issuer: /CN=ae3adb58c108b8bb13e43c15eea3c7899b64a3aa
Certificate serial: 019420686DFA3092EC8755126E3A379B7BFF
Authority key identifier: AE:3A:DB:58:C1:08:B8:BB:13:E4:3C:15:EE:A3:C7:89:9B:64:A3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rjrbWMEIuLsT5DwV7qPHiZtko6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/d81aa2-8a55-40db-96dc-8fbb5128a2c9/1/RW_H_ESDaZiZhgwMqK0qV1tKkxQ.roa
Signing time: Wed 01 Jan 2025 05:48:22 +0000
ROA not before: Wed 01 Jan 2025 05:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21137
IP address blocks: 194.4.140.0/24 maxlen: 24
194.4.141.0/24 maxlen: 24
194.4.142.0/24 maxlen: 24
194.4.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:6d:fa:30:92:ec:87:55:12:6e:3a:37:9b:7b:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae3adb58c108b8bb13e43c15eea3c7899b64a3aa
Validity
Not Before: Jan 1 05:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=456fc7fc4483699899860c0ca8ad2a575b4a9314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7f:2e:44:1a:38:5a:27:39:45:4b:e0:a1:2f:
8a:8a:1a:8c:3a:70:ef:93:95:c6:15:41:92:71:06:
f1:a0:54:d9:fe:85:67:f9:9f:86:f1:a4:fc:8c:8a:
e9:9d:db:f8:3c:ff:7e:7d:ad:4f:60:f9:19:74:bc:
8b:6d:85:22:9c:34:5d:66:d0:29:1a:53:5a:a1:6c:
a4:20:a2:11:dc:8b:cb:0f:43:a5:9f:55:34:16:8f:
70:d8:81:55:c0:43:89:5e:e5:85:0a:fe:71:ca:fd:
62:24:7e:88:23:87:9f:17:39:b9:63:e9:0c:16:eb:
ac:3b:4f:d5:31:76:0e:67:9c:bc:e3:2a:62:b4:b0:
9b:dc:e9:64:e3:03:49:69:cb:ae:4d:ce:b4:9e:00:
2e:f4:59:f8:8e:d5:2e:c9:0b:cb:8d:da:f3:df:b7:
a2:21:15:22:a2:c7:38:21:91:bc:eb:46:67:53:b6:
d9:03:84:d4:dd:b3:cb:b6:fe:c9:87:c4:07:6a:a7:
57:b6:05:89:ad:0a:4d:10:ba:7b:50:f5:4d:19:cb:
e4:b4:e2:35:6d:be:6a:f4:88:da:02:d9:83:fd:31:
85:71:08:13:88:b0:6d:ba:14:9f:74:63:29:c9:52:
74:37:f6:58:87:5d:a5:ff:4a:7d:14:0c:d9:ba:ed:
e8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6F:C7:FC:44:83:69:98:99:86:0C:0C:A8:AD:2A:57:5B:4A:93:14
X509v3 Authority Key Identifier:
keyid:AE:3A:DB:58:C1:08:B8:BB:13:E4:3C:15:EE:A3:C7:89:9B:64:A3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rjrbWMEIuLsT5DwV7qPHiZtko6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/d81aa2-8a55-40db-96dc-8fbb5128a2c9/1/RW_H_ESDaZiZhgwMqK0qV1tKkxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/d81aa2-8a55-40db-96dc-8fbb5128a2c9/1/rjrbWMEIuLsT5DwV7qPHiZtko6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.4.140.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:18:bd:39:c5:5e:a3:5d:57:c7:a3:a3:b0:a7:1d:44:e9:a9:
81:b3:e6:35:24:21:93:aa:c9:81:10:8d:f3:74:f9:5e:9f:7e:
b9:21:73:cf:a3:89:20:12:9c:48:6c:b6:c7:6a:8b:c1:69:74:
72:68:2f:5a:08:4e:74:cf:ee:d7:8a:26:05:41:bb:91:2c:7b:
ea:ce:f8:3b:d6:96:b7:1e:cb:db:e9:53:a8:42:46:d5:15:99:
50:53:0f:85:89:42:cb:0f:9e:78:99:d6:36:9a:83:33:61:5b:
e8:2f:66:b8:22:de:2f:86:c7:db:f4:57:61:b3:e5:d7:4d:3a:
3a:d6:50:a0:39:fb:21:b1:ab:14:5c:1c:55:55:19:0d:c9:8d:
f0:ad:97:4d:f6:b9:bb:1b:21:a8:5b:7f:da:97:8e:02:ba:c7:
fa:c4:95:65:8e:cc:de:02:d2:a4:a4:cd:f3:60:45:ec:ec:88:
fa:8d:b4:e3:c9:b0:45:dc:25:0d:b4:7d:71:8b:da:46:fd:14:
22:2e:bb:ba:3d:2b:16:aa:b4:40:d9:43:36:2f:91:d9:c0:a6:
73:3b:70:0c:dc:db:18:0c:82:c8:a7:b6:43:b8:85:16:14:14:
49:21:a9:64:f8:b1:df:2e:53:4b:6c:8c:f6:12:eb:ac:62:b3:
ba:9d:ac:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaG36MJLsh1USbjo3m3v/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlM2FkYjU4YzEwOGI4YmIxM2U0M2MxNWVlYTNjNzg5OWI2
NGEzYWEwHhcNMjUwMTAxMDU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTZmYzdmYzQ0ODM2OTk4OTk4NjBjMGNhOGFkMmE1NzViNGE5MzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx38uRBo4Wic5RUvgoS+KihqMOnDv
k5XGFUGScQbxoFTZ/oVn+Z+G8aT8jIrpndv4PP9+fa1PYPkZdLyLbYUinDRdZtAp
GlNaoWykIKIR3IvLD0Oln1U0Fo9w2IFVwEOJXuWFCv5xyv1iJH6II4efFzm5Y+kM
FuusO0/VMXYOZ5y84ypitLCb3Olk4wNJacuuTc60ngAu9Fn4jtUuyQvLjdrz37ei
IRUiosc4IZG860ZnU7bZA4TU3bPLtv7Jh8QHaqdXtgWJrQpNELp7UPVNGcvktOI1
bb5q9IjaAtmD/TGFcQgTiLBtuhSfdGMpyVJ0N/ZYh12l/0p9FAzZuu3o3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEVvx/xEg2mYmYYMDKitKldbSpMUMB8GA1UdIwQY
MBaAFK4621jBCLi7E+Q8Fe6jx4mbZKOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmpyYldNRUl1THNUNUR3VjdxUEhpWnRrbzZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9kODFhYTItOGE1NS00MGRiLTk2ZGMt
OGZiYjUxMjhhMmM5LzEvUldfSF9FU0RhWmlaaGd3TXFLMHFWMXRLa3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9kODFhYTItOGE1NS00MGRiLTk2ZGMtOGZiYjUxMjhhMmM5
LzEvcmpyYldNRUl1THNUNUR3VjdxUEhpWnRrbzZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwgSMMA0G
CSqGSIb3DQEBCwUAA4IBAQBbGL05xV6jXVfHo6Owpx1E6amBs+Y1JCGTqsmBEI3z
dPlen365IXPPo4kgEpxIbLbHaovBaXRyaC9aCE50z+7XiiYFQbuRLHvqzvg71pa3
Hsvb6VOoQkbVFZlQUw+FiULLD554mdY2moMzYVvoL2a4It4vhsfb9Fdhs+XXTTo6
1lCgOfshsasUXBxVVRkNyY3wrZdN9rm7GyGoW3/al44Cusf6xJVljszeAtKkpM3z
YEXs7Ij6jbTjybBF3CUNtH1xi9pG/RQiLru6PSsWqrRA2UM2L5HZwKZzO3AM3NsY
DILIp7ZDuIUWFBRJIalk+LHfLlNLbIz2EuusYrO6naz3
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:30:47 2025 by rpki-client